What is InfraSec Risk Assessment at Argon Cyber Security?

Here at Argon Cyber Security, we provide the InfraSec Risk Assessment service, a comprehensive solution designed to identify, analyze, and mitigate security risks within your IT infrastructure. Our goal is to ensure your organization’s information systems are secure, compliant, and resilient against cyber threats.

How Does It Work?

  • Initial Consultation: We begin by understanding your unique goals and requirements.
  • Kick-off Meeting: A meeting with the team to complete the onboarding process.
  • External and/or Internal Testing: Evaluation of your organization’s compliance with relevant industry standards and regulations. (See below for more info.)
  • Real-World Threat Modeling: We construct scenarios that vividly illustrate how attackers could leverage identified issues.
  • Presentation: Before delivering the Detailed Report, we’ll provide a presentation where we walk you through our findings, explaining the vulnerabilities and the associated threat scenarios.
  • Detailed Report Delivery: You receive a comprehensive report with actionable remediations for found issues.

Testing Phases

Planning and Preparation

Scope Definition: Identify the systems, networks, applications, and other assets that will be tested.

Goals Setting: Determine the specific objectives, such as identifying vulnerabilities, testing defenses, or assessing compliance with security policies.

Rules of Engagement: Establish the parameters of the test, including timelines, legal considerations, and communication protocols.

Reconnaissance (Information Gathering)

Objective: Collect as much information as possible about the target to identify potential attack vectors.

Passive Reconnaissance: Gather information without directly interacting with the target (e.g., using public databases, social media, and open-source intelligence).

Active Reconnaissance: Directly interact with the target systems to gather more detailed information (e.g., network scanning, service enumeration).

Scanning and Enumeration

Objective: Identify live hosts, open ports, and available services within the target environment.

Network Scanning: Use tools like Nmap to identify live hosts and open ports on the network.

Service Enumeration: Identify running services and their versions to detect potential vulnerabilities (e.g., using tools like Nessus or OpenVAS).

Vulnerability Scanning: Scan the identified services for known vulnerabilities.

Exploitation

Objective: Attempt to exploit identified vulnerabilities to gain unauthorized access or escalate privileges.

Manual Exploitation: Manually exploit vulnerabilities using custom scripts or known exploits.

Automated Exploitation: Use automated tools like Metasploit to exploit vulnerabilities.

Privilege Escalation: Once access is gained, attempt to escalate privileges to gain deeper access to the system or network.

Post-Exploitation

Objective: Assess the impact of the exploitation and gather additional information from the compromised system.

Data Exfiltration: Test the ability to extract sensitive data from the compromised systems.

Pivoting: Use the compromised system as a foothold to explore and attack other systems within the network.

Maintaining Access: Implement backdoors or other methods to maintain access to the compromised system.

Reporting

Objective: Document the findings, including vulnerabilities discovered, exploits performed, and the overall impact.

Executive Summary: Provide a high-level overview of the findings, including risk levels and business impacts.

Detailed Findings: Document each vulnerability, how it was exploited, and its impact.

Remediation Recommendations: Provide actionable recommendations to fix the identified vulnerabilities and improve overall security posture.

Packages

| Service | External | Internal | External/Internal |
|---|---|---|---|
| External Reconnaissance | Included | None | Included |
| Credential Leak Check | Included | Included | Included |
| External Vulnerability Assessment (Automated/Manual) | Included | None | Included |
| Internal Vulnerability Assessment (Automated/Manual) | None | Included | Included |
| Automated Testing of the Web Apps (up to 10) | Included | None | Included |
| Active Directory Assessment * | None | If applicable | If applicable |
| Threat Modeling | Included | Included | Included |
| Code Analysis | None | None | None |
| Design Review | None | Included | Included |
| Duration | 3 days | 5 days | 8 days |

Are you ready to boost your security to the next level?